When strategizing data governance, it’s essential to recognize the synergy between people and processes, along with the various considerations and challenges that arise. A common issue organizations face is the differentiation between ‘hats’ and ‘roles’ within their structures. While these terms are often used interchangeably, they carry distinct implications for responsibility, accountability, and the overall success of data governance initiatives.
The intentional distinction between ‘hats’ and ‘roles’ is crucial, as the practice of wearing multiple hats can complicate the governance process. When responsibilities and accountabilities are unclear, the effectiveness of governance can suffer. Different companies may approach governance in various ways, but a consistent need is for individuals to take clear responsibility for specific parts of the process. When these lines of responsibility are blurred, it often leads to inadequate work, miscommunication, and overall mismanagement.
Also Read: Turning Data into a Strategic Asset
The Problem of Blurred Lines
In many organizations, especially those with smaller teams or flat structures, individuals often wear multiple hats. While this flexibility can be advantageous in certain situations, it can also lead to confusion over who is responsible for specific tasks. For instance, a data analyst might take on responsibilities typically assigned to a data steward or data engineer. While this can enhance agility, it can also result in overlap, miscommunication, and tasks falling through the cracks. In a data governance context, this can lead to inadequate data quality checks, inconsistent metadata management, and ultimately, a failure to maintain data integrity.
The Need for Clarity
To avoid these pitfalls, it is essential to clearly define roles and responsibilities within the organization. This means distinguishing between what is expected of an individual in their official role and what additional tasks they might take on. This clarity ensures that everyone knows who is responsible for each aspect of the data governance process, reducing the risk of overlap and ensuring accountability.
Considerations and Issues in People and Process Integration
Successfully integrating people and processes requires careful consideration of several key issues. These include the reliance on tribal knowledge, the challenges of data definition, outdated access methods, and the need for compliance with regulations.
Reliance on Tribal Knowledge and SMEs
One of the most significant challenges in data governance is the reliance on tribal knowledge—informal, undocumented knowledge that resides within the minds of employees. This knowledge is often crucial for understanding the nuances of data sets, but it is also highly fragile. As roles change and employees move on, this knowledge can be lost, leading to gaps in data governance.
Subject matter experts (SMEs) play a critical role in bridging this gap, but over-reliance on a few individuals can create bottlenecks. Tools that enable crowdsourcing of information, such as platforms where analysts can comment on or rate datasets, can help mitigate this issue by distributing knowledge more broadly. However, the ultimate goal should be to minimize reliance on individuals by implementing processes and tools that capture and disseminate this knowledge across the organization.
Defining and Enriching Data
Data definition is another critical issue in data governance. Without a clear understanding of what each data element represents, it is impossible to effectively use that data for decision-making. This process of defining and enriching data is often manual and labour-intensive, particularly in organizations with disparate data storage systems.
Automated tools can help streamline this process, but they are not a panacea. There is still a need for human oversight to ensure that data is accurately defined, and that sensitive data is appropriately handled. Clear roles and responsibilities are essential here to ensure that this work is carried out consistently and effectively.
Outdated Access Methods
Traditional access control methods—where users are either granted or denied access based on their role – are increasingly inadequate in today’s data-driven businesses. Modern organizations often require more nuanced access controls that take into account not just the role of the user but also the intent behind their access.
For example, a user might need access to customer shipping data for one purpose (e.g.fulfilling an order) but should be restricted from using that same data for another purpose (e.g. marketing). Implementing such granular access controls requires a deep understanding of both the data and the business processes it supports. This in turn, requires clearly defined roles and responsibilities to ensure that access controls are correctly implemented and maintained.
Regulation Compliance
Compliance with regulations such as GDPR and CCPA is another area where the alignment of people and processes is critical. These regulations often require organizations to implement stringent controls over their data, including the ability to delete all data related to an individual upon request.
Achieving compliance can be particularly challenging for organizations that did not initially design their data systems with these requirements in mind. To address this, organizations need to clearly define the roles responsible for ensuring compliance and put in place processes that enable them to quickly and accurately locate and manage data across their systems.
Successful Strategies for Integrating People and Processes
While the challenges of aligning people and processes in data governance are significant, there are several strategies that organizations can implement to improve their chances of success. These include data segregation within storage systems, data ownership by lines of business, the creation of dataset views, and fostering a culture of privacy and security.
Data Segregation Within Storage Systems
One strategy that has proven successful is the segregation of data within storage systems. This involves separating curated, known data from uncurated, unknown data. Some organizations choose to store uncurated data on-premises and move only curated data to the cloud. This reduces the risk of sensitive data being inadvertently exposed in a less secure environment.
However, this approach also has drawbacks, particularly when it comes to running analytics across different data sets. To mitigate these challenges, some organizations create different layers or zones within their cloud environments, allowing for more controlled access to data while still enabling robust analytics.
Data Ownership by Line of Business
Another effective strategy is to assign data ownership by line of business. In this model, each line of business is responsible for managing its own data, including data enrichment, access control, and governance policy implementation. This approach not only ensures accountability but also allows for a deeper understanding of the data within each business unit, leading to more effective data governance.
However, this approach can also lead to data silos, making it difficult to run cross-business analytics. To address this, organizations need to implement processes that enable data sharing and collaboration across business units, while still maintaining clear lines of ownership and responsibility.
Creation of Dataset Views
Creating different views of datasets is a classic strategy for managing access to sensitive data. By creating “clean” views that have been sanitized of sensitive information, organizations can enable more users to access and analyse data without risking exposure of sensitive information.
While this approach is effective, it can be time-consuming and resource-intensive, particularly as new data comes in and requires constant updating of these views. Organizations need to balance the benefits of this approach with the need to streamline and automate the process as much as possible.
Fostering a Culture of Privacy and Security
Finally, fostering a culture of privacy and security is essential for successful data governance. This goes beyond simply implementing the right tools and processes—it requires a fundamental shift in how employees think about and interact with data.
Organizations that successfully build a culture of privacy and security often do so by involving employees in the process from the start, providing training and education on best practices, and continually reinforcing the importance of data governance through leadership and communication.
The distinction between hats and roles is more than just a semantic difference—it has real implications for how organizations structure their data governance efforts. By clearly defining roles and responsibilities and by implementing strategies that align people and processes, organizations can overcome the challenges of data governance and achieve greater success. As data continues to grow in volume and complexity, the need for effective data governance will only increase. By addressing the issues discussed in this article and implementing the strategies outlined, organizations can position themselves to not only meet these challenges but also to leverage their data as a strategic asset that drives business success.
Reference
- Anderson, Dean and Anderson, Linda Ackerson. Beyond Change Management. Pfeiffer, 2012.
Indicator Definitions. CreateSpace Independent Publishing Platform, 2015. Print.Evren Eryurek, Uri Gilad, Valliappa Lakshmanan, Anita Kibunguchy, Jessi AshdownData Governance: The Definitive Guide. People, Process and Tools to Operationalize Data Trustworthiness. March 2021.
Also Read: Tailoring Data Governance